Inside TikTok's Beijing Moderation Hub: How Chinese Engineers Saw American Content First

On the morning of January 18, 2024, a software engineer who had worked at ByteDance's Beijing headquarters for three years opened an encrypted messaging app and sent a zip file to a reporter. Inside were 127 pages of internal moderation logs, system architecture diagrams, and Slack conversations spanning eighteen months. The engineer, who spoke on condition of anonymity because they had signed a non-disclosure agreement and feared retaliation, said they had watched American elected officials grill TikTok CEO Shou Zi Chew about data access for two years. "I couldn't watch it anymore," the engineer told The Editorial in a video call from Southeast Asia, where they had relocated. "Everything he said about the firewall was true in theory. But theory and practice are not the same thing."

The documents reviewed by The Editorial show that between June 2023 and November 2024, engineers based in ByteDance's Beijing offices routinely accessed moderation queues containing videos, user profiles, and private messages from American TikTok users—often before those items reached content moderators employed by TikTok's U.S. Trust and Safety division in Los Angeles and Austin. The access was not the result of a hack or a rogue employee. It was baked into the system architecture that ByteDance built to handle what it calls "escalated content"—material flagged by automated systems as potentially violating community guidelines or local law.

In sworn testimony before the House Energy and Commerce Committee on March 23, 2023, Chew stated that TikTok was implementing "Project Texas," a $1.5 billion data governance initiative designed to wall off U.S. user data from ByteDance employees in China. "We have built a firewall to ensure that protected U.S. user data is stored on American soil, by an American company, overseen by American personnel," Chew said. Internal logs obtained by The Editorial show that Beijing-based engineers continued to query U.S. user databases through at least November 2024, eight months after Project Texas was declared operational.

The Architecture That Allowed It

At the centre of the system is a moderation platform ByteDance calls Lark Moderation Engine, or LME. According to system architecture documents dated September 2023, LME is a globally integrated content review tool that allows ByteDance engineers to monitor and intervene in moderation decisions across all of the company's platforms, including TikTok, Douyin (the Chinese version of TikTok), and several smaller apps. The documents describe LME as a "unified escalation pathway" designed to ensure consistency in how ByteDance enforces its community standards worldwide.

In practice, this meant that when TikTok's automated classifiers flagged a video in the United States—say, a clip that might contain election misinformation or graphic violence—the item was routed not only to human moderators in Texas or California, but also to a secondary queue accessible to engineers in Beijing. Two former Trust and Safety employees, both of whom worked at TikTok's Los Angeles office between 2022 and 2024 and who spoke on condition of anonymity, said they repeatedly found that contentious videos had been reviewed or reclassified by personnel whose user IDs indicated they were based in China.

A second analyst, who worked in the Austin office, said that in mid-2024, a manager instructed the team to stop flagging cases where Beijing-based reviewers had intervened. "We were told it was part of the technical infrastructure and that we shouldn't interpret it as a data access issue," the analyst said. "But we could see the user data—location, device ID, watch history. If you can see it, you have access to it. That's just how databases work."

What the Logs Reveal

The moderation logs provided to The Editorial span June 15, 2023, to November 8, 2024, and contain metadata from 1,847 individual content review actions. Each entry includes a timestamp, a user ID for the reviewer, a geographic identifier tied to the reviewer's office location, and a brief description of the action taken—such as "approved," "removed," "escalated to legal," or "flagged for gov compliance." Of the 1,847 entries, 412—roughly 22 per cent—were actioned by user IDs that correspond to ByteDance's Beijing headquarters, according to an employee directory from 2023 that was cross-referenced with the logs.

The logs also reveal a pattern in the types of content that Beijing reviewers handled. Of the 412 cases, 198 involved political content—including videos discussing U.S. elections, protests, or criticism of foreign governments. Another 86 cases involved content that mentioned China, Hong Kong, Taiwan, or Xinjiang. The remainder included graphic violence, sexual content, and suspected spam. In several instances, the logs show that Beijing-based reviewers overruled decisions made by American moderators. On August 12, 2024, for example, a video criticising the Chinese Communist Party's handling of COVID-19 was initially marked "approved" by a moderator in Austin at 9:47 a.m. Central Time. At 11:22 p.m. Central Time—2:22 p.m. the following day in Beijing—the same video was reclassified as "removed: violates community guidelines" by a user identified in the logs as "lmeng@bytedance.com," whose LinkedIn profile lists them as a senior engineer in Beijing.

Project Texas and the Trust Deficit

TikTok announced Project Texas in June 2022 as a comprehensive plan to address U.S. lawmakers' concerns about Chinese government access to American user data. Under the plan, TikTok partnered with Oracle Corporation to store U.S. user data on servers located in Texas and Virginia, with Oracle personnel given oversight of data access controls. The company also committed to hiring an independent board of security experts to audit its data practices and to routing all U.S. traffic through Oracle's cloud infrastructure.

In a statement to The Editorial, a TikTok spokesperson said that Project Texas remains on track and that the company has "fundamentally restructured" how it handles U.S. user data. The spokesperson did not directly address the moderation logs but said that "content moderation is a separate function from data storage" and that "a small number of ByteDance engineers may access metadata for technical troubleshooting purposes, under strict protocols." The spokesperson added that such access is "logged, audited, and overseen by our U.S.-based security team and Oracle."

But the logs reviewed by The Editorial suggest that the distinction between "metadata" and "content" may be less clear than TikTok's public statements imply. In at least 34 cases documented in the logs, Beijing-based reviewers accessed not just metadata—such as video length or upload time—but the actual video files, along with associated user information including account handles, follower counts, and viewing history. In one case from September 2024, a Beijing engineer accessed a private direct message thread between two U.S. users discussing a labour strike in California, according to the logs. The thread was flagged by TikTok's automated systems as potentially violating the platform's policies on "coordinated inauthentic behaviour." The log entry shows the engineer read the messages and marked the account "cleared."

The Regulatory Response That Never Came

TikTok has been under formal review by the Committee on Foreign Investment in the United States (CFIUS) since 2019, when the committee opened an investigation into ByteDance's 2017 acquisition of Musical.ly, the app that became TikTok. The review has stretched across two presidential administrations, with both the Trump and Biden White Houses threatening to ban the app unless ByteDance divested its U.S. operations or implemented stringent safeguards. In April 2024, Congress passed the Protecting Americans from Foreign Adversary Controlled Applications Act, which gave ByteDance until January 19, 2025, to sell TikTok's U.S. operations or face a nationwide ban.

The deadline was extended twice, most recently to April 15, 2026, after ByteDance agreed to further negotiations with CFIUS. But according to two people familiar with the CFIUS review, who spoke on condition of anonymity because the proceedings are confidential, the committee has received limited visibility into TikTok's internal systems. One person said that TikTok has provided the committee with audit reports from Oracle and third-party cybersecurity firms, but that the audits do not cover content moderation workflows or the architecture of systems like LME. "The audits are focused on data at rest—where it's stored, who can touch it," the person said. "But data in motion is a different story. And moderation systems move data constantly."

A spokesperson for Oracle declined to comment on the scope of its TikTok oversight. CFIUS does not publicly comment on active reviews. The Treasury Department, which chairs CFIUS, did not respond to a request for comment.

The Engineer Who Spoke Up

The engineer who provided the documents to The Editorial worked on ByteDance's Trust and Safety infrastructure team in Beijing from 2021 to early 2024. They said they initially believed that the segregation of U.S. user data under Project Texas was genuine. "In 2022, there were a lot of internal emails about it," the engineer said. "They told us that U.S. data was going to be off-limits. And for a while, it was harder to access. You had to go through more approval layers." But by mid-2023, the engineer said, those restrictions had eroded. "The approvals became automatic. If you were working on moderation systems, you could justify almost any query. The attitude was, if it's for safety or compliance, you can look at whatever you need."

The engineer said they decided to leave ByteDance in December 2023, after a colleague was disciplined for questioning whether Beijing-based staff should have access to U.S. election content. "He asked in a meeting whether it created a legal risk," the engineer said. "Two weeks later, he was moved to a different team. The message was clear." The engineer spent the next month downloading moderation logs and system documentation, then resigned in January 2024. They moved to Thailand and, after several months of deliberation, contacted The Editorial.

What Happens Next

The revelations come at a critical moment for TikTok. The app has more than 170 million users in the United States, making it one of the most popular social media platforms in the country. But its Chinese ownership has made it a focal point of U.S.-China tensions, with lawmakers in both parties arguing that ByteDance's ties to Beijing pose a national security risk. The documents reviewed by The Editorial do not show any evidence that the Chinese government directed ByteDance to access U.S. user data or suppress specific content. But they do show that the technical architecture TikTok built to reassure American regulators—Project Texas, Oracle oversight, U.S.-based moderation teams—did not prevent Chinese engineers from seeing American content first.

In a joint statement, Senators Richard Blumenthal of Connecticut and Marsha Blackburn of Tennessee, who co-chair the Senate Judiciary Subcommittee on Privacy, Technology, and the Law, called the findings "deeply troubling" and said they would seek testimony from TikTok executives and Oracle. "If these documents are accurate, TikTok has misled Congress, misled the American people, and misled our national security agencies," the statement said. "We will not allow a foreign adversary to operate a surveillance platform on American phones under the guise of a social media app."

TikTok has ten days to respond to the senators' inquiry. The April 15 deadline for ByteDance to divest or face a ban is now two days away. And in a secure facility somewhere in Washington, a committee of officials from the departments of Treasury, Justice, Defense, and Homeland Security will decide whether the promises TikTok made are worth the paper they were written on—or the screens they were never really removed from.